Employee information stolen in October cyberattack: TTC memo

As many as 25,000 current and former TTC employees may have had their information stolen in ransomware attack

Article content

TTC employees are being warned to keep an eye on their bank accounts after a cyberattack in October crippled a number of the transit agency’s key systems.

Advertisement

Story continues below

Article content

An internal memo issued Monday said the investigation so far suggests the personal information of as many as 25,000 current and former TTC employees may have been compromised in the Oct. 29 hack.

“We continue to investigate whether a small number of customers or vendors may also be impacted and will notify these individuals when we have further information,” the memo said.

The TTC claims the compromised information may include names, addresses, and social insurance numbers.

Those impacted by the breach, added the memo, will be contacted directly.

TTC employees are being asked to immediately sign up for a credit monitoring service, and to notify their bank. A statement similar to the internal memo was released by the TTC Monday afternoon.

Advertisement

Story continues below

Article content

The Oct. 29 ransomware attack brought down a number of TTC systems, including internal employee email, payroll, real-time route tracking, online booking for WheelTrans, and systems that allow transit control to monitor and communicate with surface vehicles.

Concerns over communication and safety triggered dozens of formal work refusals being filed with the Ontario Ministry of Labour .

We apologize, but this video has failed to load.

On Friday, TTC commissioners were provided with a confidential update during an emergency, in-camera meeting .

A statement from TTC CEO Rick Leary said there isn’t any evidence the information has been misused, and added that the hackers were part of an “extremely well-organized” enterprise.

“Over the coming weeks we will continue rebuilding the remaining impacted servers and internet services, like re-establishing external email capabilities,” Leary wrote.

“But in truth, and based on the experiences of other organizations, this could take some time.”

bpassifiume@postmedia.com
On Twitter:    @bryanpassifiume

    Advertisement

    Story continues below

    Comments

    Postmedia is committed to maintaining a lively but civil forum for discussion and encourage all readers to share their views on our articles. Comments may take up to an hour for moderation before appearing on the site. We ask you to keep your comments relevant and respectful. We have enabled email notifications—you will now receive an email if you receive a reply to your comment, there is an update to a comment thread you follow or if a user you follow comments. Visit our Community Guidelines for more information and details on how to adjust your email settings.

    Share:

    Share on facebook
    Facebook
    Share on twitter
    Twitter
    Share on pinterest
    Pinterest
    Share on linkedin
    LinkedIn
    On Key

    Related Posts

    On AIR

    Russtrat world